<?php

require_once(CONFIG_PATH.'config.php');
require_once(CONFIG_PATH.'error_handler.php');

// Chat class that contains server-side profiel
class Profiel {

    // database handler
    private $mMysqli;

    // constructor opens database connection
    function __construct() {
        // connect to the database
        $this->mMysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_DATABASE);
    }

    // destructor closes database connection
    public function __destruct() {
        $this->mMysqli->close();
    }

    //The postMessages method inserts a profile into the database
    public function postMessage($voornaam, $achternaam, $geslacht, $geboortedatum, $adres, $postcode, $woonplaats, $province, $telefoon, $bio, $foto, $opleiding, $niveau, $school, $stagedatum, $email, $wachtwoord) {

        // escape the variable data for safely adding them to the database
        $voornaam = $this->mMysqli->real_escape_string($voornaam);
        $achternaam = $this->mMysqli->real_escape_string($achternaam);
        $geslacht = $this->mMysqli->real_escape_string($geslacht);
        $geboortedatum = $this->mMysqli->real_escape_string($geboortedatum);
        $adres = $this->mMysqli->real_escape_string($adres);
        $postcode = $this->mMysqli->real_escape_string($postcode);
        $woonplaats = $this->mMysqli->real_escape_string($woonplaats);
        $province = $this->mMysqli->real_escape_string($province);
        $telefoon = $this->mMysqli->real_escape_string($telefoon);
        $bio = $this->mMysqli->real_escape_string($bio);
        $foto = $this->mMysqli->real_escape_string($foto);
        $opleiding = $this->mMysqli->real_escape_string($opleiding);
        $niveau = $this->mMysqli->real_escape_string($niveau);
        $school = $this->mMysqli->real_escape_string($school);
        $stagedatum = $this->mMysqli->real_escape_string($stagedatum);
        $email = $this->mMysqli->real_escape_string($email);
        $wachtwoord = $this->mMysqli->real_escape_string($wachtwoord);

        $querycheck = "SELECT * FROM studentprofiel WHERE email ='$email'";
        $resultcheck = $this->mMysqli->query($querycheck);
        if (mysqli_num_rows($resultcheck) == 0) {
            $query = 'INSERT INTO studentprofiel(voornaam, achternaam, geslacht, geboortedatum, adres, postcode, woonplaats, provencie, telefoon, biography, foto, opleiding, niveau, school, stagedate, email, wachtwoord ) ' .
                    'VALUES ("' . $voornaam . '","' . $achternaam . '","' . $geslacht . '","' . $geboortedatum . '","' . $adres . '","' . $postcode . '","' . $woonplaats . '","' . $province . '","' . $telefoon . '","' . $bio . '","' . $foto . '","' . $opleiding . '","' . $niveau . '","' . $school . '","' . $stagedatum . '","' . $email . '", SHA("' . $wachtwoord . '"))';
            // execute the SQL query
            $result = $this->mMysqli->query($query);

//            $url = "studenten.php?p=registratiegelukt";
//            $_SERVER['HTTP_REFERER'] = $url;

            echo "<a href=\"?p=registratiegelukt&t=student\">terug naar home pagina...</a>";
        } else {
            // An account already exists for this username
            echo '<p>An account already exists for this username. Please use a different address.</p>';
            echo "<a href=\"?p=makeprofile&t=student\">Terug naar profiel pagina...</a>";
        }
    }
}

?>
